CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-8856

Foxit Reader for Mac 2.1.0.0804 and earlier and Foxit Reader for Linux 2.1.0.0805 and earlier suffered from a vulnerability where weak file permissions could be exploited by attackers to execute arbitrary code. After the installation, Foxit Reader's core files were world-writable by default, allowing an attacker to overwrite them with backdoor code, which when executed by privileged user would result in Privilege Escalation, Code Execution, or both.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 0.4%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 4.6

References

http://www.securityfocus.com/bid/93608
http://www.securitytracker.com/id/1037101
https://www.foxitsoftware.com/support/security-bulletins.php
http://www.securityfocus.com/bid/93608
http://www.securitytracker.com/id/1037101
https://www.foxitsoftware.com/support/security-bulletins.php

Products affected by CVE-2016-8856

Foxitsoftware » Reader » Version: 2.1.0.0804

cpe:2.3:a:foxitsoftware:reader:2.1.0.0804
Foxitsoftware » Reader » Version: 2.1.0.0805

cpe:2.3:a:foxitsoftware:reader:2.1.0.0805

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-8856

Products

Pricing

Contact Us